The end of last week saw one of those tech stories that runs the cycle—from Twitter outrage to corporate chagrin—in less than 48 hours. Here’s what happened:

On Thursday, a major tech company (in this case, Spotify) debuted a new privacy policy. The policy permitted the software to access more information than seemed reasonable (in this case, a user’s photos, contacts, and GPS location), and people were upset. They had no easy way to opt out of the new contract: They either had to agree to it or leave the service.

Late that night, a nerd hero (in this case, Markus Persson, the developer of Minecraft) told the service on Twitter that he had cancelled his subscription and that the company should be ashamed of itself. (His words: “Please consider not being evil.”) More corporate shaming from less high-profile nerds ensued Friday morning, as pundits more sympathetic to the needs of venture capital in turn condescended users. By noon in California, it was all over: The company had clarified its policy and apologized for not communicating better. Fin.

Another privacy-policy scandal managed, another variant on corporate Big Brother avoided. (Though a Spotify-driven surveillance regime would look less like 1984’s Oceania and more like The Apple’s disco-dystopian West Berlin.) So privacy policies could nicely disappear from the tech news slate—at least, until the next scandal.

And there will be a next scandal. The agita over Spotify’s privacy policy resembled disputes just this year over other companies’s privacy policies—like Samsung’s and Uber’s—as well as the the cyclical fretting over Facebook’s reach. These scandals have attained a degree of predictability: They are almost as formulaic as the legalese of the policies themselves. But beyond the cycle of discovery, outrage, and apologetic adjustment, there are deeper problems. The way lawyers, executives, and developers address user privacy just doesn’t work that well. Neither consumers nor corporations benefit from our current amend-then-freak-out regime.

That’s partly because, if we’re being honest, privacy policies are kinda boring. They’re how new and shiny consumer software gets scaffolded in mundanity. Just like how, when your new Cuisinart or Frigidaire arrives, no one looks at the manual that comes with it.

The sum is that no one wants to think about privacy policies except during a crisis—and corporations want to avoid a crisis. So when they do have to amend their policies, companies are reluctant to provide too much information lest they initiate a negative PR cycle. But that reluctance leads them to state their privacy policy expansively or in forbidding legalese—and then they invite that same crisis, as users interpret the policy in the worst way.

This traps both consumers and companies in a cycle of bad faith. As the privacy consultant Jonathan Salem Baskin put it:

The fait accompli behind privacy practices is that businesses have the right to intrude massively into customer’s lives and, since the policies are legal agreements (often executed by nothing more than their tolerance), people have made consciously willing trades: their privacy for better playlists, or shoe ads.

This just isn’t true, since few people understand those transactions. It also violates every conceivable psychological or sociological model of how humans define and manage their privacy, which depend on two parties learning to trust and reveal information to one another over time.

“It doesn’t have to be like this,” Baskin wrote. “There’s nothing inherently wrong with customers sharing their personal information or behavior, nor with companies using it to improve their operations and, gasp, profiting from it.”

The situation could also be improved with two different specific adjustments, one legal and one technical. Legally, the tech-policy writer Logan Koepke (who, full disclosure, is a friend of mine) advocates that companies should announce a new privacy policywhenever they change.

Right now, most consumer-tech companies only announce changes whenever they make “material” changes to their policy. (The last time the Federal Trade Commission issued guidance on privacy policies, in 2009, it recommended that process.) But that means that it’s up to tech companies to decide which changes are material and which are not—which sets up a potentially adversarial relationship between company and consumer.

If companies instead notified users of every change to their privacy policy, they will be more skittish about making any change, Koepke believes, and more likely to frame the changes they do make in more public-facing language. The benefits of this would then accumulate over time: Once a more user-respecting privacy regime is mandatory, companies will compete on privacy.

Medium has since changed its privacy policy accordingly, and it now notifies users whenever it makes a change to its policies. The FTC should encourage similar companies to do the same.

* * *

If a regulatory change looks unlikely, though, there is a technical intervention that Apple and Google could make. To explain how, it’s worth getting into the nitty-gritty of the Spotify flap. One of the clauses that most worried users was the following:

Depending on the type of device that you use to interact with the Service and your settings, we may also collect information about your location based on, for example, your phone’s GPS location or other forms of locating mobile devices (e.g., Bluetooth).

The company says this access was needed for its new Running feature, announced in July, that monitored someone’s jogging pace and served them tunes appropriately. And when the company’s CEO, Daniel Ek, explained the new policy on Friday, he said that that type of data collection would always require a user’s permission:

We will never gather or use the location of your mobile device without your explicit permission. We would use it to help personalize recommendations or to keep you up to date about music trending in your area.

On Twitter, Nick Seaver, an incoming anthropology professor at Tufts University, pointed that the social costs of Spotify’s privacy policy emerged from social and technical limitations.

“The creepiness isn’t in using GPS for the running feature or whatever, it’s in asking for GPS access independent of a specific use,” he wrote. “In normal social interaction, you can tell someone where you are for a while without giving them ‘forever access’ to your location.”

To Seaver, this makes the case for “seamfulness” in design: Software should be asking for permission to use personal data more, not less. Currently, many designers aim for a “seamless” experience and take a set-it-and-forget-it approach to app privacy. The Facebook app on the iPhone, for instance, has to ask for permission the first time it tries to access the phone’s photos, camera, or GPS location—but once a user has given access, it never has to ask again. (“Seamlessness” as a goal resembles Facebook’s infamous “frictionless sharing.”)

This seamlessness is a software problem. On iOS, users can be specific about what kind of data an app can access: It can see their photos, for instance, but not their location. But once they’ve given it that access the first time, the app never asks again. A user has to go manually turn off permissions in the phone’s settings to restrict access. Android users, meanwhile, can’t even give apps permission with that level of granularity yet. It will be a feature in the next major update.

Imagine if, right before a run, Spotify asked for 60 minutes of access to your GPS location. If you still seemed on the move 55 minutes later, it would ask for another hour of access. That seems to me like a better trade: Not all the access, all the time, wherever; but access right now, for a little while, here. Apple or Google could encourage this practice simply by making that feature possible at the operating-system level. It would be more seamful, and it would be more trustworthy.

Such a technical advance would still require companies to communicate their privacy policies better to users—would require them to turn privacy policies from standalone, hedging, anxious land grabs into “living, breathing documents that represent a company’s culture,” as Koepke put it. But doing so would save both companies and users significant distress, taking us out of the cycle of wonder and shock.

Most Popular

The special counsel indicted the Russian nationals and three Russian entities for allegedly interfering in the 2016 presidential election, the Department of Justice announced Friday.

On Friday, February 16, Deputy Attorney General Rod Rosentein announced that the special counsel, Robert Mueller, had indicted 13 Russian nationals and three Russian entities on charges that including conspiracy to defraud the United States, conspiracy to commit wire fraud and bank fraud, and aggravated identity theft. This is the full text of that indictment.

Students have mourned and rallied the public after the massacre at Marjory Stoneman Douglas High that left 17 dead.

Something was different about the mass shooting this week in Parkland, Florida, in which 14 students and three adults were killed.

It was not only the death toll. The mass murder at Marjory Stoneman Douglas High became the deadliest high-school shooting in American history (edging out Columbine, which killed 13 in 1999).

What made Parkland different were the people who stepped forward to describe it. High-school students—the survivors of the calamity themselves—became the voice of the tragedy. Tweets that were widely reported as coming from the students expressed grief for the victims, pushed against false reports, and demanded accountability.

Outrage mobs are chipping away at democracy, one meaningless debate at a time.

The mob was unusually vociferous, even for Twitter. After the California-born ice skater Mirai Nagasu became the first American woman to land a triple axel at the Olympics, the New York Times writer Bari Weiss commented “Immigrants: They get the job done.”

What followed that innocuous tweet was one of the sillier, manufactured controversies I have ever seen on Twitter. Twitter’s socially conscious denizens probably only realized they should be outraged at Weiss after they saw other people being outraged, as is so often the case. Outside of Twitter, some of Weiss’s Times colleagues were also offended by the tweet—and even hurt by it. The critics’objection was that Nagasu isn’t herself an immigrant, but rather the child of immigrants, and so calling her one was an example of “perpetual othering.”

The company’s unusual offer—to give employees up to $5,000 for leaving—may actually be a way to get them to stay longer.

On Monday, Amazon reportedly began a series of rare layoffs at its headquarters in Seattle, cutting several hundred corporate employees. But this week, something quite different is happening at the company’s warehouses and customer-service centers across the country: Amazon will politely ask its “associates”—full-time and part-time hourly employees—if they’d prefer to quit. And if they do, Amazon will pay them as much as $5,000 for walking out the door.

Officially called “The Offer,” this proposition is, according to Amazon, a way to encourage unhappy employees to move on. “We believe staying somewhere you don’t want to be isn’t healthy for our employees or for the company,” Ashley Robinson, an Amazon spokesperson, wrote to me in an email. The amount full-time employees get offered ranges from $2,000 to $5,000, and depends on how long they have been at the company; if they take the money, they agree to never work for Amazon again. (The idea for all this originated at Zappos, the online shoe retailer that Amazon bought in 2009.)

The clear goal of the special counsel is to speak to the American public about the seriousness of Russian interference.

With yet another blockbuster indictment (why is it always on a Friday afternoon?), Special Counsel Robert Mueller has, once again, upended Washington. And this time, it is possible that his efforts may have a wider effect outside the Beltway.

For those following the matter, there has been little doubt that Russian citizens attempted to interfere with the American presidential election. The American intelligence agencies publicized that conclusion more than a year ago in a report issued in January 2017, and it has stood by the analysis whenever it has been questioned. But some in the country have doubted the assertion—asking for evidence of interference that was not forthcoming.

Now the evidence has been laid out in painful detail by the special counsel. If any significant fraction of what is alleged in the latest indictment is true (and we should, of course, remind ourselves that an indictment is just an allegation—not proof), then this tale is a stunning condemnation of Russian activity. A Russian organization with hundreds of employees and a budget of millions of dollars is said to have systematically engaged in an effort (code named “Project Lakhta”) to undermine the integrity of the election and, perhaps more importantly, to have attempted to influence the election to benefit then-candidate Donald Trump. Among the allegations, the Russians:

In February 2011, Swiss citizens voted in a referendum that called for a national gun registry and for firearms owned by members of the military to be stored in public arsenals.

“It is a question of trust between the state and the citizen. The citizen is not just a citizen, he is also a soldier,” Hermann Suter, who at the time was vice president of the Swiss gun-rights group Pro Tell, told the BBC then. “The gun at home is the best way to avoid dictatorships—only dictators take arms away from the citizens.”

Apparently many of his fellow Swiss agreed. The referendum was easily defeated. Gun ownership in the countryhas deep historic roots and it is tied to mandatory military service for Swiss men between the ages of 18 and 34. Traditionally, soldiers were allowed to keep their weapons at home in order to defend against conquering armies. These fears came close to being realized during the Franco-Prussian War on 1871; as well as World War I, when the Swiss border was threatened; and World War II, when the country feared a Nazi invasion.

Tech analysts are prone to predicting utopia or dystopia. They’re worse at imagining the side effects of a firm's success.

The U.S economy is in the midst of a wrenching technological transformation that is fundamentally changing the way people sleep, work, eat, shop, love, read, and interact.

At least, that’s one interpretation.

A second story of this age of technological transformation says that it’s mostly a facade—that the last 30 years have been a productivity bust and little has changed in everyday life, aside from the way everyone reads and watches videos. People wanted flying cars and got Netflix binges instead.

Let’s call these the Disrupt Story and the Dud Story of technology. When a new company, app, or platform emerges, it’s common for analysts to divide into camps—Disrupt vs. Dud—with some yelping that the new thing will change everything and others yawning with the expectation that traditionalism will win out.

Leggings and yoga gear are common sights at practice rinks. But in competition, gender-coded costumes still prevail.

Last weekend, one of the buzzier stories out of the Olympic ladies’ figure skating short program competition was one you might call … surprisingly surprising. The French figure skater Maé-Bérénice Méité made headlines: for the fact that she skated to a Beyoncé medley, and even more so, for the fact that she did it in pants.

More accurately, she did it in a bedazzled black unitard, but that didn’t stop news outlets and viewers on Twitter from pointing out Méité’s eye-catching, subtly subversive pants. “This French figure skater may not have won a medal, but her pants took people's choice,” raved Yahoo! News, and AOL named Méité’s bodysuit to its list of “most dazzling figure skating outfits” of these Olympic Games.

Like it or not, the middle class became global citizens through consumerism—and they did so at the mall.

“Okay, we’ll see you in two-and-a-half hours,” the clerk tells me, taking the iPhone from my hand. I’m at the Apple Store, availing myself of a cheap smartphone battery replacement, an offer the company made after taking heat for deliberately slowing down devices. A test run by a young woman typing at a feverish, unnatural pace on an iPad confirms that mine desperately needed the swap. As she typed, I panicked. What will I do in the mall for so long, and without a phone? How far the mall has fallen that I rack my brain for something to do here.

The Apple Store captures everything I don’t like about today’s mall. A trip here is never easy—the place is packed and chaotic, even on weekdays. It runs by its own private logic, cashier and help desks replaced by roving youths in seasonally changing, colored T-shirts holding iPads, directing traffic.

The director Ryan Coogler's addition to the Marvel pantheon is a superb genre film—and quite a bit more.

Note: Although this review avoids plot spoilers, it does discuss the thematic elements of the film at some length.

After an animated introduction to the fictional African kingdom of Wakanda, Black Panther opens in Oakland in 1992. This may seem an odd choice, but it is in fact quite apt. The film’s director, Ryan Coogler, got his start in the city, having been born there in 1986. His filmmaking career has its roots there, too, as it was the setting for his debut feature, Fruitvale Station.

A bunch of schoolboys (a fictionalized young Coogler perhaps among them) play pickup hoops on a court with a milk-crate basket. But in the tall apartment building above them two black radicals are plotting a robbery. There’s a knock on the door and one of the men looks through the peephole: “Two Grace Jones–lookin’ chicks—with spears!” I won’t recount the rest of the scene, except to note that the commingling of two very different iterations of the term “Black Panther”—the comic-book hero and the revolutionary organization, ironically established just months apart in 1966—is in no way accidental, and it will inform everything that follows.